US20140101437A1 - Automated certification based on role - Google Patents
Automated certification based on role Download PDFInfo
- Publication number
- US20140101437A1 US20140101437A1 US13/644,372 US201213644372A US2014101437A1 US 20140101437 A1 US20140101437 A1 US 20140101437A1 US 201213644372 A US201213644372 A US 201213644372A US 2014101437 A1 US2014101437 A1 US 2014101437A1
- Authority
- US
- United States
- Prior art keywords
- certification
- requirements
- level
- certification requirements
- recited
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 claims abstract description 168
- 230000008569 process Effects 0.000 claims abstract description 135
- 238000012545 processing Methods 0.000 claims description 7
- 238000011156 evaluation Methods 0.000 abstract description 7
- 238000012360 testing method Methods 0.000 description 17
- 238000007726 management method Methods 0.000 description 15
- 238000010586 diagram Methods 0.000 description 12
- 238000004891 communication Methods 0.000 description 9
- 238000004519 manufacturing process Methods 0.000 description 9
- 238000004458 analytical method Methods 0.000 description 8
- 238000012423 maintenance Methods 0.000 description 8
- 230000008520 organization Effects 0.000 description 8
- 230000003993 interaction Effects 0.000 description 7
- 230000002155 anti-virotic effect Effects 0.000 description 6
- 238000013499 data model Methods 0.000 description 6
- 229910000906 Bronze Inorganic materials 0.000 description 5
- BQCADISMDOOEFD-UHFFFAOYSA-N Silver Chemical compound [Ag] BQCADISMDOOEFD-UHFFFAOYSA-N 0.000 description 5
- 239000010974 bronze Substances 0.000 description 5
- KUNSUQLRTQLHQQ-UHFFFAOYSA-N copper tin Chemical compound [Cu].[Sn] KUNSUQLRTQLHQQ-UHFFFAOYSA-N 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 238000012804 iterative process Methods 0.000 description 5
- 229910052709 silver Inorganic materials 0.000 description 5
- 239000004332 silver Substances 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 description 3
- 229910052737 gold Inorganic materials 0.000 description 3
- 239000010931 gold Substances 0.000 description 3
- 238000009434 installation Methods 0.000 description 3
- 230000002688 persistence Effects 0.000 description 3
- 238000012552 review Methods 0.000 description 3
- 102100026278 Cysteine sulfinic acid decarboxylase Human genes 0.000 description 2
- 101000855583 Homo sapiens Cysteine sulfinic acid decarboxylase Proteins 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012502 risk assessment Methods 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 101500000959 Bacillus anthracis Protective antigen PA-20 Proteins 0.000 description 1
- 101000836394 Homo sapiens Sestrin-1 Proteins 0.000 description 1
- 101000701286 Pseudomonas aeruginosa (strain ATCC 15692 / DSM 22644 / CIP 104116 / JCM 14847 / LMG 12228 / 1C / PRS 101 / PAO1) Alkanesulfonate monooxygenase Proteins 0.000 description 1
- 102100027288 Sestrin-1 Human genes 0.000 description 1
- 101000983349 Solanum commersonii Osmotin-like protein OSML13 Proteins 0.000 description 1
- 101000983338 Solanum commersonii Osmotin-like protein OSML15 Proteins 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 238000003339 best practice Methods 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 230000000153 supplemental effect Effects 0.000 description 1
- 238000005303 weighing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/20—Education
- G06Q50/205—Education administration or guidance
- G06Q50/2057—Career enhancement or continuing education service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/105—Human resources
- G06Q10/1053—Employment or hiring
Definitions
- computing devices can be utilized in a variety of contexts such as for exchanging information, facilitating communication between users, facilitating the operation and control of a wide variety devices and processes, and the like.
- a computing network made up of a number of computing devices, including personal computing devices, server computing devices, programmable logic controllers (PLCs), or other networked devices.
- the computing network can be utilized in conjunction with a communication network, such as the Internet, to facilitate the operation and control of various devices/processes.
- a networked PLC may be utilized to control the operation of physical manufacturing or processing equipment, such as controllers for valves, power supplies, pumps, machinery, etc.
- a software application may be hosted on a networked computing device (such as a server or personal computing device) to receive instructions regarding the operation of various equipment and transmit the appropriate respective instructions to the appropriate equipment (such as through a PLC).
- a networked computing device such as a server or personal computing device
- a fault in one or more networked computing devices can lead to the failure of associated equipment, loss of manufacturing/production time, property damage, and the like.
- manufacturing/production computing networks can be designed with redundant components to avoid fault conditions during execution in a manufacturing/production environment.
- a PLC may include a “fail safe” mode such that in the event of a fault, the outputs from the PLC mitigate potential damage to attached equipment or errant instructions that could cause additional faults/damage.
- the equipment in any physical location may be provided or maintained by a number of different entities, such as vendors, integrators, service providers, and the like.
- entities can have a different role in the installation, configuration, operation or maintenance of equipment.
- each entity associated with the equipment should have appropriate certification of compliance with security, engineering best practices, or operational criteria based on their respective role in the process.
- role-based certification can allow for additional business opportunities or provide an opportunity to interact with other certified entities. For example, a certified integrator may only wish to utilize certified vendors.
- FIG. 1 is a block diagram of a certification environment including a certification authority and a number of vendors, integrators and service providers;
- FIGS. 2A is block diagram of the certification system of FIG. 1 illustrating the generation of certification requirements responsive to a request from an entity;
- FIG. 2B is a block diagram of the certification system of FIG. 1 illustrating the generation of a certification results responsive to a request from an entity;
- FIGS. 3A and 3B are block diagrams illustrative of a data model for organizing certification requirements according to process areas, process area subgroups, and base practice objectives;
- FIGS. 4A and 4B are flow diagrams illustrative of a certification scope generation routine implemented by a certification authority
- FIGS. 5A and 5B are flow diagrams illustrative of a certification requirements sub-routine implemented by a certification authority
- FIGS. 6A and 6B are flow diagrams illustrative of a certification scope generation routine implemented by a certification authority.
- FIG. 7 is a flow diagram illustrative of a process area requirements analysis sub-routine implemented by a certification authority.
- This disclosure generally relates to the certification of entities based on satisfaction of certification requirements. More specifically, in one aspect, the present disclosure relates to systems and methods for generating a set of certification requirements based on a defined role and certification level for a requesting entity.
- a target set of certification requirements is organized according to a set of process areas that are applicable to one or more roles. Each process area is defined into a set of process area subgroups, which is further defined according to base practice objectives. Each base practice objective includes an identification of certification requirements.
- Each of the certification requirements may be applicable to a requesting entity based on the specified level of certification.
- an iterative process can be implemented to determine applicable process areas, process area subgroups, and business practice objectives. Based on the applicable process areas, process area subgroups and business practice objective, a set of applicable certification requirements can be determined.
- an entity may request certification based on an evaluation of certification information submitted by the entity against a set of previously determined applicable certification requirements.
- the evaluation of the certification information can include a determination of how many certification requirements have been satisfied, how many certification requirements have not been satisfied but may be satisfied within a time window and how many certification requirements are determined to be not satisfied.
- the certification authority can utilize a variety of thresholds to determine whether certification is appropriate or what level of certification is appropriate.
- FIG. 1 is a block diagram of a certification environment 100 for illustration of various certification processes of the present application.
- the certification environment 100 includes a certification authority 102 .
- a certification authority 102 In communication with the certification authority 102 are a number of entities that are capable of requesting certification. As illustrated in FIG. 1 , the entities can be organized according to roles, such as vendors 104 , integrators 106 and service providers 108 .
- the certification authority 102 , vendor 104 , integrator 106 and service provider 108 as illustrated in FIG. 1 single components, one skilled in the relevant art will appreciate that the components may entitle a number of identifiable aspects including but not limited to one or more computing devices, networking equipment and personnel. Accordingly, the actions attributed to each of the components should not be limited to any particular type of action or specifically to a type of component.
- one or more aspects of the interaction of the components of the certification environment 100 may be implemented with the transmission or exchange of communications via a communication network, such as the Internet.
- the components would utilize one or more computing devices or communication equipment to facilitate the illustrated interaction.
- combination of interaction including manual implementation of one or more steps or processes may be implemented.
- the certification authority 102 may maintain, or otherwise be in communication with, a number of data stores for maintaining information associated with the determination of certification requirements by the certification authority or the maintenance of determined certification requirements for future analysis.
- the certification authority may maintain a process areas requirement data store 110 maintains information related to the organization of a target set of certification requirements according to a set of defined process areas.
- the certification authority 102 maintains a scoped requirements data store 112 for maintaining information related to a selection of certification requirements for one or more entities.
- the process areas requirement data store 110 and the scoped requirements data store 112 are illustrated as single data stores, one skilled in the relevant art will appreciate that data associated with the data stores may be maintained in various data stores or distributed over a computer network.
- the certification authority 102 can generate a set of certification requirements from a target set of certification requirements. To generate the target set of certification requirements, the certification authority 102 can first determine which of the target certification requirements may be applicable to the requesting entity based on a designated role.
- the roles can include a vendor of equipment (e.g., a vendor), an integrator of one or more vendor equipment (e.g., an integrator), or a service provider that configures or maintains installed equipment (e.g., a service provider).
- a single entity may correspond to one or more roles.
- the certification authority 102 can then select certification requirements base on a specified level of certification.
- the levels of certification can be hierarchically arranged.
- a three level hierarchy may have a first, second and third level (e.g., a bronze, silver and gold level) in which the first level defines the minimal set of certification requirements, the second level incorporates all the certification requirements of the first level plus additional certification requirements and the third level incorporates the certification requirements of the first and second levels plus further certification requirements.
- the certification requirements from each of the levels may be defined such that none of the certification requirements overlap between levels.
- FIGS. 2A and 2B various interactions of the components of the certification environment 100 will be described.
- FIG. 2A an illustrative interaction for the generation of a set of requirements responsive to a request will be illustrated.
- the process will be illustrated with regard to requests from an integrator 106 .
- the identification of an integrator 106 is only for illustrative purposes and other roles would be equally applicable.
- the integrator sends a certification request to the certification authority 102 .
- the certification request will specify the role of the entity (e.g., an integrator) and a desired certification level.
- the certification authority 102 processes the request and determines certification requirements for the requesting entity based on the role of the entity and the desired certification level. Illustrative flow diagrams for processing the certification request will be described with regard to FIGS. 4 and 5 .
- the certification authority 102 stores the determined certification requirements, such as in the scope requirements data store 112 .
- the certification authority sends the determine certification requirements to the requesting entity, integrator 106 .
- the certification authority can publish the certification requirements or utilize various transmission mediums and protocols to send the information. Additionally, the certification authority 102 can also send information utilized to collect certification information or explanatory information.
- the integrator (or other requesting entity) sends a certification evaluation request to the certification authority 102 .
- the certification request will specify the set of requirements that were previously provided by the certification authority 102 or include the set of certification requirements provided by the certification authority 102 .
- the certification authority 102 recalls any previously stored information related to the certification requirements previously determined for the requesting entity.
- the certification authority 102 processes the request/transmission and determines whether the certification requirements for the requesting entity based on the role of the entity and the desired certification level have been satisfied. Illustrative flow diagrams for processing the certification request will be described with regard to FIGS. 6 and 7 .
- the certification authority 102 can determine whether evidence of implementation, such as warrants that specific actions or configurations are in place, correspond to sufficient evidence of implementation.
- the certification authority 102 can also identify whether one or more requirements have not been satisfied but may be implemented in the future, as will be described later.
- the certification authority 102 can utilize a number of thresholds that can specify a maximum number of certification requirements that have not been met, a maximum number of certification requirements that will be implemented in the future or a minimum number of certification requirements that have been implemented to determine whether the requesting entity has satisfied the certification requirements.
- the certification authority sends the determine certification to the requesting entity, integrator 106 .
- the certification authority can publish the certification or utilize various transmission mediums and protocols to send the information. Additionally, the certification authority 102 can also send information utilized to collect certification information or explanatory information.
- the target set of certification requirements may be organized in a manner that allows the certification authority 102 to filter based on a designated role of the requester.
- the organization of the target set of certification requirements corresponds to two or more process areas.
- FIGS. 3A and 3B an illustrative data model 300 for the set of target certification requirements will be described.
- the data model includes four process areas 302 , 304 , 306 , and 308 that are selected based on specific functions or processes that may be controlled by the requesting entity.
- the first process area 302 corresponds to an organization process area and is applicable to every role.
- the second process area 304 corresponds to a system capabilities process area and corresponds to a vendor role.
- the third process area 306 corresponds to system acceptance testing and commissioning process area and corresponds to an integrator role.
- the fourth process area 308 corresponds to a maintenance and support process area and corresponds to a service provider role.
- Each process area 302 , 304 , 306 , 308 includes a grouping of process area subgroups 310 , 312 , 314 , 316 .
- the process area subgroups 310 , 312 , 314 , 316 correspond to a further definition of the process area.
- each process area subgroup is further defined by one or more process area subgroup are base practice objectives 354 , 356 that are fulfilled to meet the definition of the process area subgroup.
- Each base practice objective 354 , 356 then define one or more certification requirements 358 , 360 that are to be met to satisfy the base practice objective. As illustrated in FIG.
- each of the certification requirements 358 , 360 is associated with a certification level that allows the certification authority 102 to determine if the certification requirement is applicable to the requesting entity based on a designated certification level.
- a certification level that allows the certification authority 102 to determine if the certification requirement is applicable to the requesting entity based on a designated certification level.
- an entity requesting a “bronze” level certification would only have to satisfy any certification requirements associated with the bronze level.
- an entity requesting a “gold” level certification would have to satisfy all certification requirements including all bronze, silver and gold levels.
- the certification requirements are associated with individual certification requirements under the base practice objectives 354 , 356 but the base practice objectives (or other higher organizational components) are not associated with individual certification requirements.
- Appendix A includes an identification of process areas and process area subgroups in an illustrative embodiment.
- the certification authority may implement a modified data model or alternative data models.
- routines 400 , 500 for the generation of a set of certification requirements from a target set of certification requirements will be described.
- routines 400 , 500 will be described as being implemented generally by the certification authority 102 regardless of whether such implementation may involve multiple components associated with the certification authority.
- the certification authority 102 obtains certification selection criteria.
- an entity such as a potential vendor 104 , integrator 106 or service provider 108 , sends a certification request to the certification authority 102 .
- the certification criteria included in the request will specify the role of the entity (e.g., a vendor) and a desired certification level (e.g. silver).
- the certification authority 102 Upon receipt of the request, the certification authority 102 processes the request and determines certification requirements for the requesting entity based on the role of the entity and the desired certification level. In the embodiment illustrated in FIGS. 4A and 4B , the certification authority 102 can implement an iterative process to select appropriate certification requirements based on role and certification level. More specifically, at block 404 , the certification authority 102 processes certification requirements for the organization process area 302 ( FIG. 3A ). As previously described, the organization process area may be applicable to all roles. An illustrative sub-routine 500 for processing the requirements according to a specific process area will be described with regard to FIGS. 5A and 5B .
- a test is conducted to determine whether the designated role corresponds to a vendor role 104 . If the role of the requester is a vendor, the certification authority 102 will identify certification requirements for each component to be provided by the vendor. Accordingly, the certification authority 102 enters an iterative loop to select a next component at block 408 and process the certification requirements for systems capability process area 304 ( FIG. 3A ), which is applicable to for entities that are in a vendor role. Blocks 408 and 410 will repeat for multiple components.
- a test is conducted to determine whether the designated role corresponds to an integrator role 106 . If the role of the requester is an integrator, the certification authority 102 will process the certification requirements for systems acceptance testing and commissioning process area 306 ( FIG. 3A ), which is applicable to for entities that are in an integrator role. In one embodiment, the integrator role may require the utilization of vendors that have been certified by the certification authority 102 .
- a test is conducted to determine whether the designated role corresponds to a service provider role 106 . If the role of the requester is a service provider, the certification authority 102 will process the certification requirements for systems maintenance and support process area 308 ( FIG. 3A ), which is applicable to for entities that are in a service provider role. In one embodiment, the integrator role may require the utilization of vendors and integrators that have been certified by the certification authority 102 .
- the routine 400 terminates. Upon the termination of routine 400 , the certification authority 102 may store the determined certification requirements, transmit the determined certification requirements, publish the determined certification requirements and the like.
- sub-routine 500 for determining process areas requirements for a defined process area will be described.
- sub-routine 500 may be implemented multiple times, such as at block 404 , 410 , 414 or 420 .
- the certification authority 102 implements an iterative process of examining each process area subgroup for a specified process area. In turn, the certification authority 102 then examines each base practice objective for each of the identified process area subgroups. Still further, the certification authority 102 then examines each of the individual certification requirements for each identified base practice objective.
- the certification authority 102 identifies the next process area subgroup for the defined process area at block 502 .
- the certification authority 102 selects the next base practice objective.
- the certification authority 102 selects the next certification requirement for the current base practice objective.
- a test is conducted to determine whether the certification level associated with the current certification requirement meets or is less than the certification level specified in the request from the entity. For example, a specified desired level for silver certification would encompass all certification requirements associated with a bronze or silver level of certification. If the current certification requirement meets or is less than the certification level specified in the request, at block 510 , the certification requirement is added to the certification scope (e.g., the set of required certification requirements). If not, the current certification requirement may be omitted.
- the certification scope e.g., the set of required certification requirements
- a test is conducted to determine whether additional certification requirements are identified for the specified base practice objective. If so, the sub-routine 500 returns to block 506 until all the requirements for the current base practice objective have been evaluated or alternatively until one requirement is determined not be required.
- a test is conducted to determine whether additional base practice objective are defined for the current process area subgroup. If so, the sub-routine 500 returns to block 504 to process the next base practice objective for the current process area subgroup. Portions of sub-routine 500 then repeat until all the base practice objectives for the current process area subgroup have been evaluated.
- a test is conducted to determine whether additional process area subgroups remain to be evaluated. If so, the sub-routine 500 returns to block 502 to process the next process area subgroup for the specified process area. Portions of sub-routine 500 then repeat until all the process area subgroups for the specified process area have been evaluated. Upon the completion of the evaluation all process area subgroups (and corresponding base practice objectives and certification requirements), the sub-routine 500 returns the identified certification requirements at block 518 .
- routines 600 , 700 for the evaluation of a set of certification requirements will be described.
- routines 600 , 700 will be described as being implemented generally by the certification authority 102 regardless of whether such implementation may involve multiple components associated with the certification authority.
- the certification authority 102 obtains certification scoping information from the request entity.
- an entity such as a potential vendor 104 , integrator 106 or service provider 108 , sends a certification request to the certification authority 102 .
- the certification information include the identification of the set of certification requirements previously determined by the certification authority ( FIGS. 4A and 4B ) along with evidence of implementation. The evidence of implementation may vary according to specific certification requirements and will be generally referred to as warrants.
- the certification authority 102 processes the request and determines certification compliance for the requesting entity based on the role of the entity and the desired certification level.
- the certification authority 102 can implement an iterative process to select appropriate certification requirements based on role and certification level. More specifically, at block 604 , the certification authority 102 processes certification analysis for the organization process area 302 ( FIG. 3A ). As previously described, the organization process area may be applicable to all roles. An illustrative sub-routine 700 for processing the requirements according to a specific process area will be described with regard to FIG. 7 .
- a test is conducted to determine whether the designated role corresponds to a vendor role 104 . If the role of the requester is a vendor, the certification authority 102 will identify certification analysis for each component to be provided by the vendor. Accordingly, the certification authority 102 enters an iterative loop to select a next component at block 608 and process the certification requirements for systems capability process area 304 ( FIG. 3A ), which is applicable to for entities that are in a vendor role. Blocks 608 and 610 will repeat for multiple components.
- a test is conducted to determine whether the designated role corresponds to an integrator role 106 . If the role of the requester is an integrator, the certification authority 102 will process the certification analysis for systems acceptance testing and commissioning process area 306 ( FIG. 3A ), which is applicable to for entities that are in an integrator role. In one embodiment, the integrator role may require the utilization of vendors that have been certified by the certification authority 102 .
- a test is conducted to determine whether the designated role corresponds to a service provider role 106 . If the role of the requester is a service provider, the certification authority 102 will process the certification analysis for systems maintenance and support process area 308 ( FIG. 3A ), which is applicable to for entities that are in a service provider role. In one embodiment, the integrator role may require the utilization of vendors and integrators that have been certified by the certification authority 102 .
- the routine 600 terminates. Upon the termination of routine 600 , the certification authority 102 may store the determined certification, transmit the determined certification, publish the determined certification and the like. Illustratively, the determined certification can include a determination that certification is complete or incomplete.
- Sub-routine 700 for determining whether certification requirements for a defined process area will be described.
- Sub-routine 700 may be implemented multiple times, such as at block 604 , 610 , 614 or 620 .
- the certification authority 102 implements an iterative process of examining each process area subgroup for a specified process area.
- the certification authority 102 identifies the next certification requirement for the defined process area.
- the certification authority 102 obtains the warrant information corresponding to the information submitted by the requester that is purportedly evidentiary of satisfaction of the selected system requirement.
- a test is conducted to determine whether the certification requirement has been met. If so, the certification authority 102 designates the certification requirement as satisfied at block 708 and may increment a counter related to a number of certification requirements satisfied. In some embodiments, the certification authority 102 and requesting entity may have any number of supplemental interactions related to an establishment of whether the certification requirement has been implemented.
- the certification authority may allow some portion of the certification requirements to be designated as future implementations. For example, one or more certification requirements may not be able to be satisfied until a minimum number of sales or installations occur. In another example, the certification authority may allow the requester some time period to implement one or more certification requirements. Accordingly, in this embodiment, if at decision block 706 the certification requirement is not satisfied, at decision block 710 , a test is conducted to determine whether the certification criteria is associated with time criteria that will allow the certification requirement to be implemented in the future. If so, at block 712 , the certification authority 102 designates the certification requirement as a future implementation and may increment a counter related to a number of future implementations.
- the certification authority 102 designates the certification requirement as not satisfied and may increment a counter related to a number of failed certification requirements.
- a test is then conducted to determine whether additional certification requirements exist. If so, the sub-routine 700 returns to block 702 to select the next certification requirement. Alternatively, the sub-routine 700 returns the results at block 718 .
- the certification authority 102 can utilize multiple threshold to determine whether certification is appropriate and at what level.
- the certification authority may utilize a threshold that indicates that maximum number of certification requirements that are designated as not satisfied or a list of certification requirements that must be satisfied.
- the certification authority may utilize a threshold that identifies a maximum number of future implementation.
- the certification authority may also utilize weighing schemas in which certification requirements are associated with weights according to priorities or importance.
- the analysis of the certification would include a determination of an overall score based on average weights of the individual certification requirements or a sum total of the weights of the satisfied certification requirements. Other analysis techniques may also be implemented.
- Conditional language such as, among others, “can,” “could,” “might,” or “may,” unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or steps. Thus, such conditional language is not generally intended to imply that features, elements and/or steps are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without user input or prompting, whether these features, elements and/or steps are included or are to be performed in any particular embodiment.
- component and/or data can be included in a single device or distributed in any manner.
- general purpose computing devices may be configured to implement the processes, algorithms and methodology of the present disclosure with the processing and/or execution of the various data and/or components described above.
- some or all of the methods described herein may alternatively be embodied in specialized computer hardware.
- the components referred to herein may be implemented in hardware, software, firmware or a combination thereof.
- PA BP ID Base Practice Objective Organizational
- PA01 Prepare BP.01.01 Requirement recognition and Process Areas and Inform enforcement Personnel BP.01.02 Ensure alignment BP.01.03 Protect sensitive documentation BP.01.04 Background checks BP.01.05 Competent personnel BP.01.06 Confidentiality and user agreements
- PA02 Designate BP.02.01 Nominate the role a Security Contact
- PA03 Specify BP.03.01 Standards employed Base Practices BP.03.02 Security certificates
- PA04 Harden BP.04.01 Document requirements Process Areas the System BP.04.02 Manage 3 rd party software BP.04.03 Conduct 3 rd party security architecture reviews BP.04.04 Declaration of trusted interfaces BP.04.05 Strengthen Protocol
- PA05 Protect BP.05.01 Support anti-virus software from Malicious BP.05.02 Proper installation instructions Code BP.05.03 Virus-free equipment
- PA06 Implement BP.06.01 Policy documentation Patch BP.06.02 Patch qualification Management BP.06.03 Provide patch list BP
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Human Resources & Organizations (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- Educational Technology (AREA)
- Educational Administration (AREA)
- General Physics & Mathematics (AREA)
- Economics (AREA)
- Entrepreneurship & Innovation (AREA)
- Marketing (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Operations Research (AREA)
- Health & Medical Sciences (AREA)
- Quality & Reliability (AREA)
- Primary Health Care (AREA)
- General Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Stored Programmes (AREA)
- Information Transfer Between Computers (AREA)
Abstract
In one aspect, systems and methods for generating a set of certification requirements based on a defined role and certification level for a requesting entity are provided. A target set of certification requirements is organized according to a set of process areas that are applicable to one or more roles. Each process area is defined into a set of process area subgroups, which is further defined according to base practice objectives. Each base practice objective includes an identification of certification requirements. Each of the certification requirements may be applicable to a requesting entity based on the specified level of certification. In another aspect, an entity may request certification based on an evaluation of certification information submitted by the entity against a set of previously determined applicable certification requirements. The certification authority can utilize a variety of thresholds to determine whether certification is appropriate or what level of certification is appropriate.
Description
- Generally described, computing devices can be utilized in a variety of contexts such as for exchanging information, facilitating communication between users, facilitating the operation and control of a wide variety devices and processes, and the like. In the context of a manufacturing or production environment, a computing network made up of a number of computing devices, including personal computing devices, server computing devices, programmable logic controllers (PLCs), or other networked devices. The computing network can be utilized in conjunction with a communication network, such as the Internet, to facilitate the operation and control of various devices/processes. For example, a networked PLC may be utilized to control the operation of physical manufacturing or processing equipment, such as controllers for valves, power supplies, pumps, machinery, etc. Similarly, a software application, or suite of software applications, may be hosted on a networked computing device (such as a server or personal computing device) to receive instructions regarding the operation of various equipment and transmit the appropriate respective instructions to the appropriate equipment (such as through a PLC).
- A fault in one or more networked computing devices, such a fault in a computing device, can lead to the failure of associated equipment, loss of manufacturing/production time, property damage, and the like. Accordingly, manufacturing/production computing networks (including hardware and software aspects) can be designed with redundant components to avoid fault conditions during execution in a manufacturing/production environment. For example, a PLC may include a “fail safe” mode such that in the event of a fault, the outputs from the PLC mitigate potential damage to attached equipment or errant instructions that could cause additional faults/damage.
- Generally described, the equipment in any physical location may be provided or maintained by a number of different entities, such as vendors, integrators, service providers, and the like. Each of the entities can have a different role in the installation, configuration, operation or maintenance of equipment. From the perspective of a facility owner or manager, each entity associated with the equipment should have appropriate certification of compliance with security, engineering best practices, or operational criteria based on their respective role in the process. From the perspective of the entities, role-based certification can allow for additional business opportunities or provide an opportunity to interact with other certified entities. For example, a certified integrator may only wish to utilize certified vendors.
- The present disclosure will now be described in detail below in connection with the following figures in which:
-
FIG. 1 is a block diagram of a certification environment including a certification authority and a number of vendors, integrators and service providers; -
FIGS. 2A is block diagram of the certification system ofFIG. 1 illustrating the generation of certification requirements responsive to a request from an entity; -
FIG. 2B is a block diagram of the certification system ofFIG. 1 illustrating the generation of a certification results responsive to a request from an entity; -
FIGS. 3A and 3B are block diagrams illustrative of a data model for organizing certification requirements according to process areas, process area subgroups, and base practice objectives; -
FIGS. 4A and 4B are flow diagrams illustrative of a certification scope generation routine implemented by a certification authority; -
FIGS. 5A and 5B are flow diagrams illustrative of a certification requirements sub-routine implemented by a certification authority; -
FIGS. 6A and 6B are flow diagrams illustrative of a certification scope generation routine implemented by a certification authority; and -
FIG. 7 is a flow diagram illustrative of a process area requirements analysis sub-routine implemented by a certification authority. - This disclosure generally relates to the certification of entities based on satisfaction of certification requirements. More specifically, in one aspect, the present disclosure relates to systems and methods for generating a set of certification requirements based on a defined role and certification level for a requesting entity. A target set of certification requirements is organized according to a set of process areas that are applicable to one or more roles. Each process area is defined into a set of process area subgroups, which is further defined according to base practice objectives. Each base practice objective includes an identification of certification requirements. Each of the certification requirements may be applicable to a requesting entity based on the specified level of certification. For a defined role and certification level, an iterative process can be implemented to determine applicable process areas, process area subgroups, and business practice objectives. Based on the applicable process areas, process area subgroups and business practice objective, a set of applicable certification requirements can be determined.
- In another aspect, an entity may request certification based on an evaluation of certification information submitted by the entity against a set of previously determined applicable certification requirements. Illustratively, the evaluation of the certification information can include a determination of how many certification requirements have been satisfied, how many certification requirements have not been satisfied but may be satisfied within a time window and how many certification requirements are determined to be not satisfied. The certification authority can utilize a variety of thresholds to determine whether certification is appropriate or what level of certification is appropriate.
- Embodiments of the disclosure will now be described with reference to the accompanying figures, wherein like numerals refer to like elements throughout. The terminology used in the description presented herein is not intended to be interpreted in any limited or restrictive manner, simply because it is being utilized in conjunction with a detailed description of certain specific embodiments of the invention. Likewise, although the present application will be described with regard to specific examples, such as roles and process areas, such examples should not be construed as limiting. Accordingly, additional or alternative embodiments may be practiced in accordance with the present application. Furthermore, embodiments of the invention may include several novel features, no single one of which is solely responsible for its desirable attributes or which is essential to practicing the inventions herein described.
-
FIG. 1 is a block diagram of acertification environment 100 for illustration of various certification processes of the present application. Thecertification environment 100 includes acertification authority 102. In communication with thecertification authority 102 are a number of entities that are capable of requesting certification. As illustrated inFIG. 1 , the entities can be organized according to roles, such asvendors 104,integrators 106 andservice providers 108. Although thecertification authority 102,vendor 104,integrator 106 andservice provider 108 as illustrated inFIG. 1 single components, one skilled in the relevant art will appreciate that the components may entitle a number of identifiable aspects including but not limited to one or more computing devices, networking equipment and personnel. Accordingly, the actions attributed to each of the components should not be limited to any particular type of action or specifically to a type of component. - In some embodiments, one or more aspects of the interaction of the components of the
certification environment 100 may be implemented with the transmission or exchange of communications via a communication network, such as the Internet. In such embodiments, the components would utilize one or more computing devices or communication equipment to facilitate the illustrated interaction. In other embodiments, combination of interaction including manual implementation of one or more steps or processes may be implemented. - With continued reference to
FIG. 1 , thecertification authority 102 may maintain, or otherwise be in communication with, a number of data stores for maintaining information associated with the determination of certification requirements by the certification authority or the maintenance of determined certification requirements for future analysis. In one embodiment, the certification authority may maintain a process areasrequirement data store 110 maintains information related to the organization of a target set of certification requirements according to a set of defined process areas. In another embodiment, thecertification authority 102 maintains a scopedrequirements data store 112 for maintaining information related to a selection of certification requirements for one or more entities. Although the process areasrequirement data store 110 and the scopedrequirements data store 112 are illustrated as single data stores, one skilled in the relevant art will appreciate that data associated with the data stores may be maintained in various data stores or distributed over a computer network. - As previously discussed, in an illustrative embodiment, in one aspect, the
certification authority 102 can generate a set of certification requirements from a target set of certification requirements. To generate the target set of certification requirements, thecertification authority 102 can first determine which of the target certification requirements may be applicable to the requesting entity based on a designated role. Illustratively, the roles can include a vendor of equipment (e.g., a vendor), an integrator of one or more vendor equipment (e.g., an integrator), or a service provider that configures or maintains installed equipment (e.g., a service provider). A single entity may correspond to one or more roles. - Once the target set of certification requirements has been filtered based on specified role, the
certification authority 102 can then select certification requirements base on a specified level of certification. In one embodiment, the levels of certification can be hierarchically arranged. For example, a three level hierarchy may have a first, second and third level (e.g., a bronze, silver and gold level) in which the first level defines the minimal set of certification requirements, the second level incorporates all the certification requirements of the first level plus additional certification requirements and the third level incorporates the certification requirements of the first and second levels plus further certification requirements. In another embodiment, the certification requirements from each of the levels may be defined such that none of the certification requirements overlap between levels. Although the present discussion is described with regard to a three-level hierarchy, one skilled in the relevant art will appreciate that more or less levels of certification requirements may be incorporated. An illustrated data organization model for the target set of certification requirements will be described with regard toFIGS. 3A and 3B . - With reference to
FIGS. 2A and 2B , various interactions of the components of thecertification environment 100 will be described. With reference toFIG. 2A , an illustrative interaction for the generation of a set of requirements responsive to a request will be illustrated. In the example illustrated inFIGS. 2A and 2B , the process will be illustrated with regard to requests from anintegrator 106. However, the identification of anintegrator 106 is only for illustrative purposes and other roles would be equally applicable. At (1), the integrator sends a certification request to thecertification authority 102. Illustratively, the certification request will specify the role of the entity (e.g., an integrator) and a desired certification level. - At (2), the
certification authority 102 processes the request and determines certification requirements for the requesting entity based on the role of the entity and the desired certification level. Illustrative flow diagrams for processing the certification request will be described with regard toFIGS. 4 and 5 . At (3), thecertification authority 102 stores the determined certification requirements, such as in the scoperequirements data store 112. - At (4), the certification authority sends the determine certification requirements to the requesting entity,
integrator 106. The certification authority can publish the certification requirements or utilize various transmission mediums and protocols to send the information. Additionally, thecertification authority 102 can also send information utilized to collect certification information or explanatory information. - Turning to
FIG. 2B , an illustrative interaction for the evaluation of a set of requirements responsive will be illustrated. At (1), the integrator (or other requesting entity) sends a certification evaluation request to thecertification authority 102. Illustratively, the certification request will specify the set of requirements that were previously provided by thecertification authority 102 or include the set of certification requirements provided by thecertification authority 102. - At (2), the
certification authority 102 recalls any previously stored information related to the certification requirements previously determined for the requesting entity. At (3), thecertification authority 102 processes the request/transmission and determines whether the certification requirements for the requesting entity based on the role of the entity and the desired certification level have been satisfied. Illustrative flow diagrams for processing the certification request will be described with regard toFIGS. 6 and 7 . Illustratively, thecertification authority 102 can determine whether evidence of implementation, such as warrants that specific actions or configurations are in place, correspond to sufficient evidence of implementation. Thecertification authority 102 can also identify whether one or more requirements have not been satisfied but may be implemented in the future, as will be described later. Illustratively, thecertification authority 102 can utilize a number of thresholds that can specify a maximum number of certification requirements that have not been met, a maximum number of certification requirements that will be implemented in the future or a minimum number of certification requirements that have been implemented to determine whether the requesting entity has satisfied the certification requirements. - At (4), the certification authority sends the determine certification to the requesting entity,
integrator 106. The certification authority can publish the certification or utilize various transmission mediums and protocols to send the information. Additionally, thecertification authority 102 can also send information utilized to collect certification information or explanatory information. - As previously described, the target set of certification requirements may be organized in a manner that allows the
certification authority 102 to filter based on a designated role of the requester. In one embodiment, the organization of the target set of certification requirements corresponds to two or more process areas. With reference now toFIGS. 3A and 3B , anillustrative data model 300 for the set of target certification requirements will be described. With reference toFIG. 3A , the data model includes fourprocess areas first process area 302 corresponds to an organization process area and is applicable to every role. Thesecond process area 304 corresponds to a system capabilities process area and corresponds to a vendor role. Thethird process area 306 corresponds to system acceptance testing and commissioning process area and corresponds to an integrator role. Thefourth process area 308 corresponds to a maintenance and support process area and corresponds to a service provider role. - Each
process area process area subgroups process area subgroups FIG. 3B , each process area subgroup, generically 352, is further defined by one or more process area subgroup arebase practice objectives base practice objective more certification requirements FIG. 3A , each of thecertification requirements certification authority 102 to determine if the certification requirement is applicable to the requesting entity based on a designated certification level. By way of illustrative example, in a hierarchical certification level embodiment, an entity requesting a “bronze” level certification would only have to satisfy any certification requirements associated with the bronze level. However, an entity requesting a “gold” level certification would have to satisfy all certification requirements including all bronze, silver and gold levels. As illustrated inFIG. 3B , the certification requirements are associated with individual certification requirements under thebase practice objectives - Although the
data model 300 has been described with illustrative four process areas, one skilled in the art will appreciate that additional or alternative process areas, process area subgroups, or base practice objectives may be incorporated by the certification authority 10. Appendix A includes an identification of process areas and process area subgroups in an illustrative embodiment. In other embodiments, the certification authority may implement a modified data model or alternative data models. - Turning now to
FIGS. 4 and 5 ,illustrative routines routines certification authority 102 regardless of whether such implementation may involve multiple components associated with the certification authority. With reference toFIG. 4A , atblock 402, thecertification authority 102 obtains certification selection criteria. Illustratively, an entity, such as apotential vendor 104,integrator 106 orservice provider 108, sends a certification request to thecertification authority 102. Illustratively, the certification criteria included in the request will specify the role of the entity (e.g., a vendor) and a desired certification level (e.g. silver). - Upon receipt of the request, the
certification authority 102 processes the request and determines certification requirements for the requesting entity based on the role of the entity and the desired certification level. In the embodiment illustrated inFIGS. 4A and 4B , thecertification authority 102 can implement an iterative process to select appropriate certification requirements based on role and certification level. More specifically, atblock 404, thecertification authority 102 processes certification requirements for the organization process area 302 (FIG. 3A ). As previously described, the organization process area may be applicable to all roles. Anillustrative sub-routine 500 for processing the requirements according to a specific process area will be described with regard toFIGS. 5A and 5B . - At
decision block 406, a test is conducted to determine whether the designated role corresponds to avendor role 104. If the role of the requester is a vendor, thecertification authority 102 will identify certification requirements for each component to be provided by the vendor. Accordingly, thecertification authority 102 enters an iterative loop to select a next component atblock 408 and process the certification requirements for systems capability process area 304 (FIG. 3A ), which is applicable to for entities that are in a vendor role.Blocks - At
decision block 412, a test is conducted to determine whether the designated role corresponds to anintegrator role 106. If the role of the requester is an integrator, thecertification authority 102 will process the certification requirements for systems acceptance testing and commissioning process area 306 (FIG. 3A ), which is applicable to for entities that are in an integrator role. In one embodiment, the integrator role may require the utilization of vendors that have been certified by thecertification authority 102. - Turning now to
FIG. 4B , atdecision block 412, a test is conducted to determine whether the designated role corresponds to aservice provider role 106. If the role of the requester is a service provider, thecertification authority 102 will process the certification requirements for systems maintenance and support process area 308 (FIG. 3A ), which is applicable to for entities that are in a service provider role. In one embodiment, the integrator role may require the utilization of vendors and integrators that have been certified by thecertification authority 102. Atblock 420, the routine 400 terminates. Upon the termination ofroutine 400, thecertification authority 102 may store the determined certification requirements, transmit the determined certification requirements, publish the determined certification requirements and the like. - With reference to
FIGS. 5A and 5B , a sub-routine 500 for determining process areas requirements for a defined process area will be described. With reference toFIGS. 4A and 4B , sub-routine 500 may be implemented multiple times, such as atblock certification authority 102 implements an iterative process of examining each process area subgroup for a specified process area. In turn, thecertification authority 102 then examines each base practice objective for each of the identified process area subgroups. Still further, thecertification authority 102 then examines each of the individual certification requirements for each identified base practice objective. - With reference to
FIG. 5A , thecertification authority 102 identifies the next process area subgroup for the defined process area atblock 502. Atblock 504, thecertification authority 102 selects the next base practice objective. Atblock 506, thecertification authority 102 selects the next certification requirement for the current base practice objective. - At
decision block 508, a test is conducted to determine whether the certification level associated with the current certification requirement meets or is less than the certification level specified in the request from the entity. For example, a specified desired level for silver certification would encompass all certification requirements associated with a bronze or silver level of certification. If the current certification requirement meets or is less than the certification level specified in the request, atblock 510, the certification requirement is added to the certification scope (e.g., the set of required certification requirements). If not, the current certification requirement may be omitted. - At
decision block 510, a test is conducted to determine whether additional certification requirements are identified for the specified base practice objective. If so, the sub-routine 500 returns to block 506 until all the requirements for the current base practice objective have been evaluated or alternatively until one requirement is determined not be required. - Turning to
FIG. 5B , once all the certification requirements for the current base practice objective have been satisfied, atdecision block 514, a test is conducted to determine whether additional base practice objective are defined for the current process area subgroup. If so, the sub-routine 500 returns to block 504 to process the next base practice objective for the current process area subgroup. Portions ofsub-routine 500 then repeat until all the base practice objectives for the current process area subgroup have been evaluated. - At
decision block 516, once all the base practice objectives for a current process area subgroup have been evaluated, a test is conducted to determine whether additional process area subgroups remain to be evaluated. If so, the sub-routine 500 returns to block 502 to process the next process area subgroup for the specified process area. Portions ofsub-routine 500 then repeat until all the process area subgroups for the specified process area have been evaluated. Upon the completion of the evaluation all process area subgroups (and corresponding base practice objectives and certification requirements), the sub-routine 500 returns the identified certification requirements atblock 518. - Turning now to
FIGS. 6 and 7 ,illustrative routines routines certification authority 102 regardless of whether such implementation may involve multiple components associated with the certification authority. With reference toFIG. 6A , atblock 602, thecertification authority 102 obtains certification scoping information from the request entity. Illustratively, an entity, such as apotential vendor 104,integrator 106 orservice provider 108, sends a certification request to thecertification authority 102. Illustratively, the certification information include the identification of the set of certification requirements previously determined by the certification authority (FIGS. 4A and 4B ) along with evidence of implementation. The evidence of implementation may vary according to specific certification requirements and will be generally referred to as warrants. - Similar to routine 400, upon receipt of the request, the
certification authority 102 processes the request and determines certification compliance for the requesting entity based on the role of the entity and the desired certification level. In the embodiment illustrated inFIGS. 6A and 6B , thecertification authority 102 can implement an iterative process to select appropriate certification requirements based on role and certification level. More specifically, atblock 604, thecertification authority 102 processes certification analysis for the organization process area 302 (FIG. 3A ). As previously described, the organization process area may be applicable to all roles. Anillustrative sub-routine 700 for processing the requirements according to a specific process area will be described with regard toFIG. 7 . - At
decision block 606, a test is conducted to determine whether the designated role corresponds to avendor role 104. If the role of the requester is a vendor, thecertification authority 102 will identify certification analysis for each component to be provided by the vendor. Accordingly, thecertification authority 102 enters an iterative loop to select a next component atblock 608 and process the certification requirements for systems capability process area 304 (FIG. 3A ), which is applicable to for entities that are in a vendor role.Blocks - At
decision block 612, a test is conducted to determine whether the designated role corresponds to anintegrator role 106. If the role of the requester is an integrator, thecertification authority 102 will process the certification analysis for systems acceptance testing and commissioning process area 306 (FIG. 3A ), which is applicable to for entities that are in an integrator role. In one embodiment, the integrator role may require the utilization of vendors that have been certified by thecertification authority 102. - Turning now to
FIG. 6 , atdecision block 612, a test is conducted to determine whether the designated role corresponds to aservice provider role 106. If the role of the requester is a service provider, thecertification authority 102 will process the certification analysis for systems maintenance and support process area 308 (FIG. 3A ), which is applicable to for entities that are in a service provider role. In one embodiment, the integrator role may require the utilization of vendors and integrators that have been certified by thecertification authority 102. Atblock 620, the routine 600 terminates. Upon the termination ofroutine 600, thecertification authority 102 may store the determined certification, transmit the determined certification, publish the determined certification and the like. Illustratively, the determined certification can include a determination that certification is complete or incomplete. - With reference to
FIG. 7 , a sub-routine 700 for determining whether certification requirements for a defined process area will be described.Sub-routine 700 may be implemented multiple times, such as atblock certification authority 102 implements an iterative process of examining each process area subgroup for a specified process area. - At
block 702, thecertification authority 102 identifies the next certification requirement for the defined process area. Atblock 704, thecertification authority 102 obtains the warrant information corresponding to the information submitted by the requester that is purportedly evidentiary of satisfaction of the selected system requirement. - At
decision block 706, a test is conducted to determine whether the certification requirement has been met. If so, thecertification authority 102 designates the certification requirement as satisfied atblock 708 and may increment a counter related to a number of certification requirements satisfied. In some embodiments, thecertification authority 102 and requesting entity may have any number of supplemental interactions related to an establishment of whether the certification requirement has been implemented. - In some embodiments, the certification authority may allow some portion of the certification requirements to be designated as future implementations. For example, one or more certification requirements may not be able to be satisfied until a minimum number of sales or installations occur. In another example, the certification authority may allow the requester some time period to implement one or more certification requirements. Accordingly, in this embodiment, if at
decision block 706 the certification requirement is not satisfied, atdecision block 710, a test is conducted to determine whether the certification criteria is associated with time criteria that will allow the certification requirement to be implemented in the future. If so, atblock 712, thecertification authority 102 designates the certification requirement as a future implementation and may increment a counter related to a number of future implementations. - If the current requirement is not associated with time criteria, at
block 714, thecertification authority 102 designates the certification requirement as not satisfied and may increment a counter related to a number of failed certification requirements. - At
decision block 716, a test is then conducted to determine whether additional certification requirements exist. If so, the sub-routine 700 returns to block 702 to select the next certification requirement. Alternatively, the sub-routine 700 returns the results atblock 718. - As discussed with regard to
FIG. 2B , once all the certification requirements have been evaluated, thecertification authority 102 can utilize multiple threshold to determine whether certification is appropriate and at what level. In one example, the certification authority may utilize a threshold that indicates that maximum number of certification requirements that are designated as not satisfied or a list of certification requirements that must be satisfied. In another example, the certification authority may utilize a threshold that identifies a maximum number of future implementation. In another embodiment, the certification authority may also utilize weighing schemas in which certification requirements are associated with weights according to priorities or importance. In this embodiment, the analysis of the certification would include a determination of an overall score based on average weights of the individual certification requirements or a sum total of the weights of the satisfied certification requirements. Other analysis techniques may also be implemented. - While illustrative embodiments have been disclosed and discussed, one skilled in the relevant art will appreciate that additional or alternative embodiments may be implemented within the spirit and scope of the present disclosure. Additionally, although many embodiments have been indicated as illustrative, one skilled in the relevant art will appreciate that the illustrative embodiments do not need to be combined or implemented together. As such, some illustrative embodiments do not need to be utilized or implemented in accordance with the scope of variations to the present disclosure.
- Conditional language, such as, among others, “can,” “could,” “might,” or “may,” unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or steps. Thus, such conditional language is not generally intended to imply that features, elements and/or steps are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without user input or prompting, whether these features, elements and/or steps are included or are to be performed in any particular embodiment.
- Any process descriptions, elements, or blocks in the flow diagrams described herein and/or depicted in the attached figures should be understood as potentially representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps in the process. Alternate implementations are included within the scope of the embodiments described herein in which elements or functions may be deleted, executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those skilled in the art. It will further be appreciated that the data and/or components described above may be stored on a computer-readable medium and loaded into memory of the computing device using a drive mechanism associated with a computer-readable medium storing the computer executable components, such as a CD-ROM, DVD-ROM, or network interface. Further, the component and/or data can be included in a single device or distributed in any manner. Accordingly, general purpose computing devices may be configured to implement the processes, algorithms and methodology of the present disclosure with the processing and/or execution of the various data and/or components described above. Alternatively, some or all of the methods described herein may alternatively be embodied in specialized computer hardware. In addition, the components referred to herein may be implemented in hardware, software, firmware or a combination thereof.
- It should be emphasized that many variations and modifications may be made to the above-described embodiments, the elements of which are to be understood as being among other acceptable examples. All such modifications and variations are intended to be included herein within the scope of this disclosure and protected by the following claims.
-
APPENDIX A Process Area Categories PA BP ID Base Practice Objective Organizational PA01: Prepare BP.01.01 Requirement recognition and Process Areas and Inform enforcement Personnel BP.01.02 Ensure alignment BP.01.03 Protect sensitive documentation BP.01.04 Background checks BP.01.05 Competent personnel BP.01.06 Confidentiality and user agreements PA02: Designate BP.02.01 Nominate the role a Security Contact PA03: Specify BP.03.01 Standards employed Base Practices BP.03.02 Security certificates System Capability PA04: Harden BP.04.01 Document requirements Process Areas the System BP.04.02 Manage 3rd party software BP.04.03 Conduct 3rd party security architecture reviews BP.04.04 Declaration of trusted interfaces BP.04.05 Strengthen Protocol PA05: Protect BP.05.01 Support anti-virus software from Malicious BP.05.02 Proper installation instructions Code BP.05.03 Virus-free equipment PA06: Implement BP.06.01 Policy documentation Patch BP.06.02 Patch qualification Management BP.06.03 Provide patch list BP.06.04 Prompt patch notification BP.06.05 Audit tools BP.06.06 Patching documentation PA07: Secure BP.07.01 Multiple default passwords Account BP.07.02 Removable default accounts Management BP.07.03 Minimum password strength BP.07.04 Password lifetimes and reuse restrictions BP.07.05 Persistence of special accounts BP.07.06 Role-based access for network devices BP.07.07 Unified account management BP.07.08 Maintain account logs PA08: Support BP.08.01 Backup documentation Backup/Restore BP.08.02 Backup process PA09: Increase BP.09.01 Security monitoring protocols Network Visibility BP.09.02 Management Information Base PA10: BP.10.01 Historian data collection Standardize BP.10.02 Data warehouses Historian BP.10.03 Log and event management Interfaces PA11: Verify BP.11.01 Operator acknowledgement Operations BP.11.02 Automated Operations PA12: Connect BP.12.01 Approved standards Wirelessly BP.12.02 Configuration methods PA13: Fortify SIS BP.13.01 Configuration key switch Connectivity BP.13.02 Third-party assessment BP.13.03 Communications integrity BP.13.04 Layer 3 connections BP.13.05 DCS communications BP.13.06 SIS EWS PA14: Provide BP.14.01 Remote access applications Remote Access BP.14.02 Remote update applications PA15: Protect BP.15.01 Protect data at rest Data BP.15.02 Protect data in transit BP.15.03 Encryption System Acceptance PA16: Manage BP.16.01 Risk assessment Testing & the Deployment BP.16.02 Inventory register Commissioning BP.16.03 Temporary account removal Process Areas BP.16.04 Network scan BP.16.05 Relevant processes BP.16.06 Timely notification PA17: Harden BP.17.01 Hardened system demonstration the System BP.17.02 Firewall use PA18: Protect BP.18.01 Quality definition files from Malicious BP.18.02 General anti-virus policy Code BP.18.03 Portable media procedure BP.18.04 Anti-virus management BP.18.05 Anti-virus demonstration PA19: Implement BP.19.01 Up-to-date systems Patch Management PA20: Secure BP.20.01 Individual accounts Account BP.20.02 Default passwords Management BP.20.03 Minimum password strength BP.20.04 Password lifetimes and reuse restrictions BP.20.05 Persistence of special accounts BP.20.06 Role-based access for network devices BP.20.07 Workstation session lock PA21: Support BP.21.01 Regular backups Backup/Restore BP.21.02 Backup demonstration PA22: Implement BP.22.01 Architecture drawings the Architecture BP.22.02 Network layer separation BP.22.03 Time synchronization PA23: Connect BP.23.01 Service Set Identifier (SSID) Wirelessly BP.23.02 Wireless device maintenance BP.23.03 Safeguarding functions BP.23.04 Secure accounts BP.23.05 Wireless workers and CSAD BP.23.06 Architecture documentation PA24: Provide BP.24.01 Remote access documentation Remote Access BP.24.02 Connection approval and review PA25: Protect BP.25.01 Protect data at rest Data BP.25.02 Protect data in transit BP.25.03 Encryption BP.25.04 Encryption key management BP.25.05 Digital certificate management Maintenance & PA26: Manage BP.26.01 Risk assessment Support Process the Deployment BP.26.02 Inventory register Areas BP.26.03 Temporary account removal BP.26.04 Network scan BP.26.05 Relevant processes BP.26.06 Timely notification PA27: Harden BP.27.01 Harden system demonstration the Systems BP.27.02 Firewall use PA28: Protect BP.28.01 General anti-virus policy from Malicious BP.28.02 Portable media procedure Code BP.28.03 Anti-virus management PA29: Implement BP.29.01 Up-to-date systems Patch Management PA30: Secure BP.30.01 Individual accounts Account BP.30.02 Minimum password strength Management BP.30.03 Password lifetimes and reuse restrictions BP.30.04 Persistence of special accounts BP.30.05 Role-based access for network devices BP.30.06 Workstation session lock PA31: Support BP.31.01 Regular backups Backup/Restore BP.31.02 Backup prior to change event BP.31.03 Backup demonstration PA32: Implement BP.32.01 Architecture drawings the Architecture BP.32.02 Network layer separation PA33: Connect BP.33.01 Service set identifier (SSID) Wirelessly BP.33.02 Wireless device maintenance BP.33.03 Safeguarding functions BP.33.04 Secure accounts BP.33.05 Wireless workers and CSAD BP.33.06 Architecture documentation PA34: Provide BP.34.01 Remote access documentation Remote Access BP.34.02 Connection approval and review PA35: Protect BP.35.01 Protect data at rest Data BP.35.02 Protect data in transit BP.35.03 Encryption BP.35.04 Encryption key management BP.35.05 Digital certificate management
Claims (25)
1. A method for managing certifications of entities comprising:
obtaining a request for certification of an entity, wherein the request for certification includes a specification of a role for the entity, the role selected as one of a vendor, an integrator or a service provider and wherein the request for certification includes a specification of a level of certification selected from one of three levels of certification;
obtaining a set of certification requirements, the set of certification requirements organized according to a set of process areas, each process area is applicable to one or more roles;
wherein each process area defines a set of process area subgroups;
wherein each process area subgroup defines one or more base practice objectives; and
wherein each base practice objective defines two or more certification requirements organized by a level of certification, wherein at least two certification requirements correspond to different levels of the three level of certification;
identifying two or more process areas applicable to the request for certification based on the role identified in the request for certification, wherein the identified two or more process areas define a target set of certification requirements;
for each identified process area; iteratively identifying one or more certification requirements based on whether a certification level associated with each of the target set of certification requirements is satisfied by the specification of the level of certification in the request for certification;
providing the identified one or more certification requirements responsive to the request for certification;
obtaining information indicative of certification information corresponding to the identified one or more certification requirements;
analyzing the certification information to identify a number of certification requirements that are indicative of being implemented, a number of certification requirements that may be implemented in the future, and a number of certification requirements that have not been implemented;
comparing the number of certification requirements that are indicative of being implemented, the number of certification requirements that may be implemented in the future, and the number of certification requirements that have not been implemented with one or more thresholds; and
determining certification based on the comparison.
2. The method as recited in claim 1 , wherein the set of process areas include at least one process area applicable to all roles.
3. The method as recited in claim 1 , wherein the set of process areas include at least one process area applicable to a single role.
4. The method as recited in claim 1 , wherein each base process practice objective includes at least one certification requirement for each of the three levels of certification.
5. The method as recited in claim 1 , wherein the three levels of certification are hierarchically arranged.
6. The method as recited in claim 5 :
wherein a first level of certification requirements corresponds to a minimum number of certification requirements,
wherein a second level of certification requirements corresponds to the minimum number of certification requirements from the first level plus a first additional number of certification requirements, and
wherein a third level of certification requirements corresponds to the minimum number of certification requirements from the first level, the first additional requirements number of certification requirements from the second level and a second additional number of certification requirements.
7. The method as recited in claim 5 , wherein each of the three levels has no overlapping certification requirements.
8. The method as recited in claim 1 , wherein the one or more thresholds correspond to a maximum number of certification requirements that may be implemented in the future.
9. The method as recited in claim 1 , wherein the one or more thresholds correspond to a maximum number of certification requirements that have not been implemented.
10. The method as recited in claim 1 , wherein the number of certification requirements that may be implemented in the future are associated with time criteria.
11. The method as recited in claim 1 , wherein determining certification based on the comparison includes determining a specified level of certification has been satisfied.
12. The method as recited in claim 1 , wherein determining certification based on the comparison includes determining a specified level of certification has not been satisfied.
13. A method for managing certifications of entities comprising:
obtaining a request for certification of an entity, wherein the request for certification includes a specification of a role for the entity, the role selected as one of a set of roles and wherein the request for certification includes a specification of a level of certification selected from a set of levels of certification;
obtaining a set of certification requirements, the set of certification requirements organized according to a set of process areas, each process area is applicable to one or more roles;
wherein each process area defines a set of process area subgroups;
wherein each process area subgroup defines one or more base practice objectives; and
wherein each base practice objective defines certification requirements organized by a level of certification;
identifying process areas applicable to the request for certification based on the role identified in the request for certification, wherein the identified process areas define a target set of certification requirements;
for each identified process area; iteratively identifying one or more certification requirements based on whether a certification level associated with each of the target set of certification requirements is satisfied by the specification of the level of certification in the request for certification;
providing the identified one or more certification requirements responsive to the request for certification.
14. The method as recited in claim 13 , wherein the set of process areas include at least one process area applicable to all roles.
15. The method as recited in claim 13 , wherein the set of process areas include at least one process area applicable to a single role.
16. The method as recited in claim 13 , wherein each base process practice objective includes at least one certification requirement for each of the levels of certification.
17. The method as recited in claim 13 , wherein the three levels of certification are hierarchically arranged.
18. The method as recited in claim 13 , wherein at least two certification requirements correspond to different levels of the level of certification.
19. A method for managing certifications of entities comprising:
obtaining information indicative of certification information corresponding to a set of identified certification requirements,
wherein the certification requirements were determined by processing a set of certification requirements to a selected role and certification level;
wherein the set of certification requirements are organized according to a set of process areas, each process area is applicable to one or more roles;
wherein each process area defines a set of process area subgroups;
wherein each process area subgroup defines one or more base practice objectives; and
wherein each base practice objective defines two or more certification requirements organized by a level of certification, wherein at least two certification requirements correspond to different levels of the three level of certification;
analyzing the certification information to identify a number of certification requirements that are indicative of being implemented, a number of certification requirements that may be implemented in the future, and a number of certification requirements that have not been implemented;
comparing the number of certification requirements that are indicative of being implemented, the number of certification requirements that may be implemented in the future, and the number of certification requirements that have not been implemented with one or more thresholds; and
determining certification based on the comparison.
20. The method as recited in claim 19 , wherein the three levels of certification are hierarchically arranged.
21. The method as recited in claim 19 , wherein the one or more thresholds correspond to a maximum number of certification requirements that may be implemented in the future.
22. The method as recited in claim 19 , wherein the one or more thresholds correspond to a maximum number of certification requirements that have not been implemented.
23. The method as recited in claim 19 , wherein the number of certification requirements that may be implemented in the future are associated with time criteria.
24. The method as recited in claim 19 , wherein determining certification based on the comparison includes determining a specified level of certification has been satisfied.
25. The method as recited in claim 19 , wherein determining certification based on the comparison includes determining a specified level of certification has not been satisfied.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US13/644,372 US20140101437A1 (en) | 2012-10-04 | 2012-10-04 | Automated certification based on role |
| PCT/US2013/063132 WO2014055694A2 (en) | 2012-10-04 | 2013-10-02 | Automated certification based on role |
| US15/898,159 US20190036935A1 (en) | 2012-10-04 | 2018-02-15 | Automated certification based on role |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US13/644,372 US20140101437A1 (en) | 2012-10-04 | 2012-10-04 | Automated certification based on role |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US15/898,159 Continuation US20190036935A1 (en) | 2012-10-04 | 2018-02-15 | Automated certification based on role |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20140101437A1 true US20140101437A1 (en) | 2014-04-10 |
Family
ID=50433715
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US13/644,372 Abandoned US20140101437A1 (en) | 2012-10-04 | 2012-10-04 | Automated certification based on role |
| US15/898,159 Abandoned US20190036935A1 (en) | 2012-10-04 | 2018-02-15 | Automated certification based on role |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US15/898,159 Abandoned US20190036935A1 (en) | 2012-10-04 | 2018-02-15 | Automated certification based on role |
Country Status (2)
| Country | Link |
|---|---|
| US (2) | US20140101437A1 (en) |
| WO (1) | WO2014055694A2 (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140278832A1 (en) * | 2013-03-15 | 2014-09-18 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US9602540B1 (en) * | 2013-06-13 | 2017-03-21 | Amazon Technologies, Inc. | Enforcing restrictions on third-party accounts |
| US20170185754A1 (en) * | 2014-07-08 | 2017-06-29 | Hewlett-Packard Development Company, L.P. | Composite document access |
| US20190087834A1 (en) * | 2017-09-15 | 2019-03-21 | Pearson Education, Inc. | Digital credential analysis in a digital credential platform |
| US10362019B2 (en) | 2011-07-29 | 2019-07-23 | Amazon Technologies, Inc. | Managing security credentials |
| US10475018B1 (en) | 2013-11-29 | 2019-11-12 | Amazon Technologies, Inc. | Updating account data for multiple account providers |
| US10505914B2 (en) | 2012-02-01 | 2019-12-10 | Amazon Technologies, Inc. | Sharing account information among multiple users |
| US11062326B2 (en) * | 2014-04-07 | 2021-07-13 | John Richard Bucher | Compliance management techniques |
| US11249783B1 (en) | 2018-05-23 | 2022-02-15 | Open Invention Network Llc | Intra application container direct communication protocol |
| US11283785B2 (en) * | 2019-09-24 | 2022-03-22 | Citrix Systems, Inc. | Systems and methods for credential control among a plurality of client devices |
| US11444936B2 (en) | 2011-07-29 | 2022-09-13 | Amazon Technologies, Inc. | Managing security credentials |
Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6157808A (en) * | 1996-07-17 | 2000-12-05 | Gpu, Inc. | Computerized employee certification and training system |
| US20020031752A1 (en) * | 1999-11-17 | 2002-03-14 | Kouba Don M. | Remote certification of workers for multiple worksites |
| US20020166049A1 (en) * | 2000-12-22 | 2002-11-07 | Sinn Richard P. | Obtaining and maintaining real time certificate status |
| US20030139953A1 (en) * | 2002-01-24 | 2003-07-24 | Daniel Guenther | Method and system for role analysis |
| US20050239036A1 (en) * | 2004-04-23 | 2005-10-27 | Mcgar Michael L | Multimedia training system and apparatus |
| US20050278187A1 (en) * | 2004-06-14 | 2005-12-15 | Bobbitt Christopher L | System and method for management of a certification program |
| US20070192173A1 (en) * | 2006-02-15 | 2007-08-16 | Caterpillar Inc. | System and method for training a machine operator |
| US20070226149A1 (en) * | 2006-03-24 | 2007-09-27 | Walgreen Co. | License verification system and method |
| US20080015978A1 (en) * | 2006-06-14 | 2008-01-17 | Curry Edith L | Methods of monitoring behavior/activity of an individual associated with an organization |
| US20100057493A1 (en) * | 2008-09-02 | 2010-03-04 | Wendy Heckelman | Method for Independent Compliance Certification and Training |
| US20100191583A1 (en) * | 2009-01-28 | 2010-07-29 | Accenture Global Services Gmbh | Accreditation Tracker |
| US20100217718A1 (en) * | 2007-07-19 | 2010-08-26 | Depalma Mark S | Systems and methods for accumulating accreditation |
| US20100306118A1 (en) * | 2009-05-29 | 2010-12-02 | Kochevar Peter D | System for process for remote determination of compliance status |
| US20110281246A1 (en) * | 2010-05-11 | 2011-11-17 | Across The Street Productions | Hazard-Zone Incident Command Training and Certification Systems |
| US8285521B1 (en) * | 2011-09-20 | 2012-10-09 | Google Inc. | Certification controls for a structure design, analysis, and implementation system |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7017046B2 (en) * | 1997-09-22 | 2006-03-21 | Proofspace, Inc. | System and method for graphical indicia for the certification of records |
| US20020059364A1 (en) * | 1999-02-08 | 2002-05-16 | Christopher M Coulthard | Content certification |
| AU782518B2 (en) * | 2000-01-07 | 2005-08-04 | International Business Machines Corporation | A method for inter-enterprise role-based authorization |
| JP2002099211A (en) * | 2000-09-21 | 2002-04-05 | Sony Corp | System and method for processing public key certificate issuing request |
| US6980927B2 (en) * | 2002-11-27 | 2005-12-27 | Telos Corporation | Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment |
| US9002018B2 (en) * | 2006-05-09 | 2015-04-07 | Sync Up Technologies Corporation | Encryption key exchange system and method |
| US8577773B2 (en) * | 2006-12-01 | 2013-11-05 | Acupay System Llc | Document processing systems and methods for regulatory certifications |
| US8347361B2 (en) * | 2006-12-14 | 2013-01-01 | Mosaid Technologies Incorporated | Distributed network management hierarchy in a multi-station communication network |
| WO2011019898A1 (en) * | 2009-08-12 | 2011-02-17 | General Instrument Corporation | Configurable online public key infrastructure (pki) management framework |
| JP2013507699A (en) * | 2009-10-16 | 2013-03-04 | アーマーログ リミテッド | System and method for improving user account access security |
| US8387137B2 (en) * | 2010-01-05 | 2013-02-26 | Red Hat, Inc. | Role-based access control utilizing token profiles having predefined roles |
-
2012
- 2012-10-04 US US13/644,372 patent/US20140101437A1/en not_active Abandoned
-
2013
- 2013-10-02 WO PCT/US2013/063132 patent/WO2014055694A2/en active Application Filing
-
2018
- 2018-02-15 US US15/898,159 patent/US20190036935A1/en not_active Abandoned
Patent Citations (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6157808A (en) * | 1996-07-17 | 2000-12-05 | Gpu, Inc. | Computerized employee certification and training system |
| US20020031752A1 (en) * | 1999-11-17 | 2002-03-14 | Kouba Don M. | Remote certification of workers for multiple worksites |
| US20020166049A1 (en) * | 2000-12-22 | 2002-11-07 | Sinn Richard P. | Obtaining and maintaining real time certificate status |
| US20030139953A1 (en) * | 2002-01-24 | 2003-07-24 | Daniel Guenther | Method and system for role analysis |
| US20050239036A1 (en) * | 2004-04-23 | 2005-10-27 | Mcgar Michael L | Multimedia training system and apparatus |
| US20050278187A1 (en) * | 2004-06-14 | 2005-12-15 | Bobbitt Christopher L | System and method for management of a certification program |
| US20070192173A1 (en) * | 2006-02-15 | 2007-08-16 | Caterpillar Inc. | System and method for training a machine operator |
| US20070226149A1 (en) * | 2006-03-24 | 2007-09-27 | Walgreen Co. | License verification system and method |
| US20080015978A1 (en) * | 2006-06-14 | 2008-01-17 | Curry Edith L | Methods of monitoring behavior/activity of an individual associated with an organization |
| US20100217718A1 (en) * | 2007-07-19 | 2010-08-26 | Depalma Mark S | Systems and methods for accumulating accreditation |
| US20100057493A1 (en) * | 2008-09-02 | 2010-03-04 | Wendy Heckelman | Method for Independent Compliance Certification and Training |
| US20100191583A1 (en) * | 2009-01-28 | 2010-07-29 | Accenture Global Services Gmbh | Accreditation Tracker |
| US20100306118A1 (en) * | 2009-05-29 | 2010-12-02 | Kochevar Peter D | System for process for remote determination of compliance status |
| US20110281246A1 (en) * | 2010-05-11 | 2011-11-17 | Across The Street Productions | Hazard-Zone Incident Command Training and Certification Systems |
| US8285521B1 (en) * | 2011-09-20 | 2012-10-09 | Google Inc. | Certification controls for a structure design, analysis, and implementation system |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10362019B2 (en) | 2011-07-29 | 2019-07-23 | Amazon Technologies, Inc. | Managing security credentials |
| US11444936B2 (en) | 2011-07-29 | 2022-09-13 | Amazon Technologies, Inc. | Managing security credentials |
| US11381550B2 (en) | 2012-02-01 | 2022-07-05 | Amazon Technologies, Inc. | Account management using a portable data store |
| US10505914B2 (en) | 2012-02-01 | 2019-12-10 | Amazon Technologies, Inc. | Sharing account information among multiple users |
| US12177201B2 (en) | 2012-02-01 | 2024-12-24 | Amazon Technologies, Inc. | Managing security credentials |
| US20140278832A1 (en) * | 2013-03-15 | 2014-09-18 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US9792572B2 (en) * | 2013-03-15 | 2017-10-17 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US11995598B2 (en) | 2013-03-15 | 2024-05-28 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US11488088B2 (en) | 2013-03-15 | 2022-11-01 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US10984366B2 (en) * | 2013-03-15 | 2021-04-20 | Abbott Point Of Care Inc. | Management system for point of care testing |
| US10560435B2 (en) | 2013-06-13 | 2020-02-11 | Amazon Technologies, Inc. | Enforcing restrictions on third-party accounts |
| US9602540B1 (en) * | 2013-06-13 | 2017-03-21 | Amazon Technologies, Inc. | Enforcing restrictions on third-party accounts |
| US11004054B2 (en) | 2013-11-29 | 2021-05-11 | Amazon Technologies, Inc. | Updating account data for multiple account providers |
| US10475018B1 (en) | 2013-11-29 | 2019-11-12 | Amazon Technologies, Inc. | Updating account data for multiple account providers |
| US11062326B2 (en) * | 2014-04-07 | 2021-07-13 | John Richard Bucher | Compliance management techniques |
| US10719585B2 (en) * | 2014-07-08 | 2020-07-21 | Hewlett-Packard Development Company, L.P. | Composite document access |
| US20170185754A1 (en) * | 2014-07-08 | 2017-06-29 | Hewlett-Packard Development Company, L.P. | Composite document access |
| US20190087834A1 (en) * | 2017-09-15 | 2019-03-21 | Pearson Education, Inc. | Digital credential analysis in a digital credential platform |
| US11249783B1 (en) | 2018-05-23 | 2022-02-15 | Open Invention Network Llc | Intra application container direct communication protocol |
| US11283785B2 (en) * | 2019-09-24 | 2022-03-22 | Citrix Systems, Inc. | Systems and methods for credential control among a plurality of client devices |
Also Published As
| Publication number | Publication date |
|---|---|
| US20190036935A1 (en) | 2019-01-31 |
| WO2014055694A3 (en) | 2014-07-31 |
| WO2014055694A2 (en) | 2014-04-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190036935A1 (en) | Automated certification based on role | |
| Leander et al. | Applicability of the IEC 62443 standard in Industry 4.0/IIoT | |
| Brass et al. | Adaptive governance for the Internet of Things: Coping with emerging security risks | |
| US8019857B2 (en) | Flexible system health and remediation agent | |
| US20090049514A1 (en) | Autonomic trust management for a trustworthy system | |
| Hassani et al. | Vulnerability and security risk assessment in a IIoT environment in compliance with standard IEC 62443 | |
| US12155768B2 (en) | Zero trust based access management of infrastructure within enterprise using micro-segmentation and decentralized identifier network | |
| CN119011308B (en) | Internet of things equipment safety management method, system, equipment and medium based on information creation environment | |
| CN116155531A (en) | Method and device for network equipment security management based on SOAR and electronic equipment | |
| Iturbe et al. | Information security risk assessment methodology for industrial systems supporting ISA/IEC 62443 compliance | |
| Hlaing et al. | An integrated cost-effective security requirement engineering process in SDLC using FRAM | |
| Dixit et al. | Cybersecurity: guiding principles and risk management advice for healthcare boards, senior leaders and risk managers | |
| CN116436689A (en) | Vulnerability processing method and device, storage medium and electronic equipment | |
| Hatzivasilis et al. | Continuous Security Assurance of Modern Supply-Chain Ecosystems with Application in Autonomous Driving: The FISHY approach for the secure autonomous driving domain | |
| Ting et al. | Securing Manufacturing through Patch Management for IoT Devices | |
| Gourisetti et al. | Facility Cybersecurity Framework Best Practices | |
| Diwan et al. | Risk management framework and evaluation: Detail site study and governance of information security risk management in medical information technology infrastructure in hospitals | |
| Gourisetti et al. | Facility cybersecurity framework best practices version 2.0 | |
| Cindrić et al. | Mapping of Industrial IoT to IEC 62443 Standards | |
| US20240372888A1 (en) | Continuous security posture validation and authorization to operate based on automated intelligent bots | |
| Reeve et al. | Challenges and Opportunities to Secure Buildings from Cyber Threats | |
| CN118827240B (en) | Risk management methods, systems, equipment and media for integrated functions and information security | |
| Mishra et al. | Power Grids-Cyber Security Requirements for SCADA and Substations | |
| Kim et al. | A Study on the Strengthening of Smart Factory Security in OT (Operational Technology) Environment | |
| CN119201334A (en) | Vehicle data security hosting method, system, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AS | Assignment |
Owner name: WURLDTECH SECURITY TECHNOLOGIES, CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KUBE, NATHAN JOHN WALTER;HOLSTEIN, DENNIS;FAIFMAN, GABRIEL;REEL/FRAME:031325/0052 Effective date: 20121003 |
|
| STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |